A method for IC card session key derivation is involved in an authentication method between a master and a user IC card before starting communications to mutually determine that the master IC card is authorized to read information stored in the user IC card. Similarly, the user IC card is authorized to read information stored in the master IC card before starting the communications.
More particularly, a method for IC cards session key derivation is used during a mutual authentication to determine an authentication between the master and the user IC card interconnected and communicating through an interface terminal. The master IC card comprises at least a first memory unit for storing a first plurality of data, and the user IC card comprises at least a second memory unit for storing a second plurality of data.
Generally, at least a portion of the first and the second plurality of data are secret and require protection. For example, this may be because they comprise sensitive data or information used in secure transactions of a banking application.
In a banking application as schematically shown in FIG. 1, a POS terminal 3 connects a first SAM IC card 1 and a second user IC card 2, for example, respectively through a first slot 3a and a second slot 3b provided by the POS terminal 3 itself. The first SAM IC card 1 comprises at least a first memory unit la for storing a first plurality of data, and the second user IC card 2 comprises at least a second memory unit 2a for storing a second plurality of data.
The authentication between the SAM IC card 1 and the user IC card 2 is generally implemented through a mutual authentication that is briefly described below. The first memory unit 1a inside the SAM IC card 1 holds a Master Key 1M and a Function 1F. The Function 1F is used to derive an additional Key, relating to a user IC card 2 inserted in the second slot 3b of the POS terminal 3.
More particularly, such an additional key, hereinafter indicated as Child Unique Keys 1K, is used to implement the mutual authentication between the SAM IC card 1 and the user IC card 2. The mutual authentication provides that an IC card identification number, for example an IC card serial number 2sn generally stored inside the second memory unit 2a of a user IC card 2, is transmitted to the SAM IC card 1.
The Function 1F processes through the Master key 1M and the IC card serial number 2sn, a Child Unique Key 1K to be used to authenticate a corresponding user IC card 2.
The SAM IC card 1 also generates a Random number 1rand, stores it in the first memory unit la and sends it to the user IC card 2. The user IC card 2 reads the Random number 1rand through the POS terminal 3, encrypts it and sends it back to the SAM IC card 1 as an encrypted random number 2enc-rand.
The SAM IC card 1 may decrypt the encrypted Random number 2enc-rand through the Child Unique Key 1K corresponding to the user IC card 2 inserted in the second slot 3b, and previously stored inside the first memory unit 1a. The result of such a decryption is compared to the Random number 1rand stored inside the first memory unit la of the SAM IC card 1.
If the result of the decryption is equal to the Random number 1rand previously stored, the SAM IC card 1 authenticates the user IC card 2. Otherwise, the SAM IC card 1 rejects the user IC card 2. More particularly, if the SAM IC card 1 authenticates the user IC card 2, a reverse authentication called from the user IC card 2 and intended to authenticate the SAM IC card 1 is performed. The reverse authentication substantially comprises all the computations described above to authenticate the user IC card 2.
As described above, the mutual authentication comprises a large amount of communications between the SAM IC card 1 and the user IC card 2. In particular, each communication is intended to send an initialization message of the mutual authentication between the two IC cards 1, 2; an IC card serial number 2sn from the user IC 2 to the SAM IC card 1; a random number 1rand from the SAM IC card 1 to the user IC card 2; an encrypted Random number 2enc-rand from the user IC card 2 to the SAM IC card 1; and an acknowledge or a non-acknowledge message from the SAM IC card 1 to the user IC card 2 respectively intended to start or to refuse the following communication between the two IC cards.
Moreover, when the authentication from the SAM IC card 1 to the user IC card 2 is completed, a mutual authentication from the user IC card 2 to the SAM IC card 1 comprising a corresponding plurality of communications is to be performed. When a communication between the SAM 1 and a user IC card 2 is terminated, a new communication between another user IC card 2 and the SAM IC card 1 may start. The Function 1F processes another Child Unique Key 1K through the Master key 1M and through another IC card serial number 2sn stored inside the user IC card 2, and an authentication is processed.
A considerable number of interactions between the SAM 1 and the user IC card 2 makes the authentication time consuming, thus reducing the throughput of the POS terminal 3 and limiting the number of services rendered to the corresponding user IC card 2. At the same time, with more communications between the SAM 1 and the user IC card 2, the mutual authentication become more dangerous. Each communications is exposed to a potential external attack intended to intercept data. Also, increasing the number of single operations involved in the mutual authentication becomes expensive, and the time required by the global mutual authentication increases.
In other words, the authentication between a master IC card 1 and a user IC card 2 exposes the secure data stored inside the corresponding memory units to potential risks due to the time required to complete the mutual authentication. In particular, this is to the time required by the single operations involved in such a mutual authentication, as well as to the number of interchanges required by the authentication itself for reducing the throughput of the terminal that sequentially interconnects a plurality of user IC cards with the same master IC card.